MosaicRegressor: Second-ever UEFI Rootkit Found In The Wild The second-ever UEFI rootkit used in the wild was found by security researchers during investigations surrounding attacks from 2019 against two non-governmental organizations (NGOs). UEFI (Unified Extensible Firmware Interface) firmware allows for highly persistent malware given that it’s installed within SPI flash storage soldered Read more…
Crypto-mining Malware Adds Linux Password Stealing Capability The TeamTNT cybercrime group has recently updated its crypto-mining worm with password-stealing capabilities and with an additional network scanner to make it easier to spread to other vulnerable devices. While known mostly for actively targeting Docker instances to use compromised systems for unauthorized Read more…
Windows 10 Ignores Method To Disable Bing In Start Menu, Fix Found Microsoft quietly began ignoring a setting commonly used to disable Bing search results in the Windows 10 Start Menu and didn’t tell anyone. When performing a search in the Windows 10 Start Menu, Microsoft will display Bing’s search Read more…
New Ransomware Vaccine Kills Programs Wiping Windows Shadow Volumes A new ransomware vaccine program has been created that terminates processes that try to delete volume shadow copies using Microsoft’s vssadmin.exe program, Every day, Windows will create backups of your system and data files and store them in Shadow Volume Copy snapshots. Read more…
Microsoft Fixes Windows 10 Internet Connection Issues in New Update Microsoft has released a new optional preview update that fixes two bugs that prevent Windows 10 2003 users from connecting to the Internet. In July, we reported that Windows 10 users saw ‘No Internet’ message in the Network Connectivity Status Indicator (NCSI), Read more…
Online Avatar Service Gravatar Allows Mass Collection Of User Info A user enumeration technique discovered by security researcher Carlo Di Dato demonstrates how Gravatar can be abused for mass data collection of its profiles by web crawlers and bots. Gravatar is an online avatar service that lets users set and use a profile picture (avatar) Read more…
The Week in Ransomware – October 2nd 2020 – Healthcare Under Attack This week started with a bang as a large hospital chain was hit by a ransomware attack that disrupted the healthcare industry. We first learned of this Ryuk Ransomware attack on Universal Health Services (UHS) on Monday morning when doctors, nurses, Read more…
Grindr Fixed A Bug Allowing Full Takeover Of Any User Account Grindr has fixed a security flaw that could have allowed attackers to easily hijack any Grindr account if they knew the user’s email address. Grindr is a social networking platform for gay, bi, trans, and queer people active since its Read more…
Google Now Discloses Android vulnerabilities For 3rd-party Devices Google today announced the launch of a new program specifically designed to deal with security vulnerabilities the company finds in third-party Android devices and software serviced by Android OEMs. “Google’s Android Security & Privacy team has launched the Android Partner Vulnerability Initiative (APVI) to Read more…
HP Device Manager Backdoor Lets Attackers Take Over Windows Systems HP released a security advisory detailing three critical and high severity vulnerabilities in the HP Device Manager that could lead to system takeover. HP Device Manager is used by admins to remotely manage HP thin clients, devices that use resources from a central Read more…
Let us help you out.
Singapore
7 Temasek Boulevard
#12-07, Suntec Tower One
Singapore 038987
Thailand
The Royal Place 1
2, 2/399 Mahatlek Luang 1 Alley, Lumphini, Pathum Wan, Bangkok 10330, Thailand
Subscribe to our mailing list to get free tips on Data Protection and Data Privacy updates weekly!
Click one of our contacts below to chat on WhatsApp
